diff --git a/systems/aarch64-linux/m4nix/default.nix b/systems/aarch64-linux/m4nix/default.nix
new file mode 100644
index 0000000..aaa1120
--- /dev/null
+++ b/systems/aarch64-linux/m4nix/default.nix
@@ -0,0 +1,77 @@
+{ pkgs, lib, ... }:
+with lib;
+with lib.metacfg;
+{
+ imports = [
+ ./hardware-configuration.nix
+ ];
+
+ metacfg = {
+ base.enable = true;
+ gui.enable = true;
+ nix-ld.enable = true;
+ nix.enable = true;
+ podman.enable = true;
+ secureboot.enable = false;
+ homeprinter.enable = true;
+ tools = {
+ direnv.enable = true;
+ #git.enable = true;
+ };
+ user.extraGroups = [
+ "docker"
+ "dialout"
+ ];
+ };
+
+ environment.systemPackages = with pkgs; [
+ azure-cli
+ cloudflare-warp
+ desktop-file-utils
+ kubectl
+ kubectx
+ k9s
+ attic-client
+ piper
+ ];
+
+ services.ratbagd.enable = true;
+
+ services.resolved.enable = true;
+ services.resolved.dnssec = "allow-downgrade";
+ services.resolved.extraConfig = ''
+ ResolveUnicastSingleLabel=yes
+ '';
+
+ systemd.packages = [ pkgs.cloudflare-warp ]; # for warp-cli
+
+ virtualisation = {
+ docker.enable = true;
+ podman.dockerCompat = false;
+ };
+
+ system.autoUpgrade = {
+ enable = true;
+ operation = "boot";
+ allowReboot = false;
+ };
+
+ systemd.user.extraConfig = "DefaultLimitNOFILE=32768";
+
+ security.pam.loginLimits = [
+ {
+ domain = "*";
+ item = "nofile";
+ type = "-";
+ value = "32768";
+ }
+ {
+ domain = "*";
+ item = "memlock";
+ type = "-";
+ value = "32768";
+ }
+ ];
+
+ system.stateVersion = "23.11";
+}
diff --git a/systems/aarch64-linux/m4nix/hardware-configuration.nix b/systems/aarch64-linux/m4nix/hardware-configuration.nix
new file mode 100644
index 0000000..f1c3a17
--- /dev/null
+++ b/systems/aarch64-linux/m4nix/hardware-configuration.nix
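Review bot: Listing `"docker"` in `user.extraGroups` of default.nix while `virtualisation.docker.enable = true` gives that account control of the rootful Docker daemon socket, which is effectively root on the host (assuming `metacfg.user.extraGroups` is passed through to the user's `extraGroups`; that module is not shown here). Since `podman.enable = true` is already set, consider dropping `"docker"` from the group list, or running the daemon rootless with `virtualisation.docker.rootless = { enable = true; setSocketVariable = true; };`. If rootful Docker is really needed on this machine, a comment next to the group entry saying so would record that the privilege is deliberate. Separately, `services.resolved.dnssec = "allow-downgrade"` validates only opportunistically, so a short comment noting that it does not protect against an on-path resolver that strips DNSSEC would keep readers from over-trusting it.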
@@ -0,0 +1,37 @@ +# Do not modify this file! It was generated by ‘nixos-generate-config’ +# and may be overwritten by future invocations. Please make changes +# to /etc/nixos/configuration.nix instead. +{ config, lib, pkgs, modulesPath, ... }: + +{ + imports = [ ]; + + boot.initrd.availableKernelModules = [ "xhci_pci" ]; + boot.initrd.kernelModules = [ ]; + boot.kernelModules = [ ]; + boot.extraModulePackages = [ ]; + + fileSystems."/" = + { device = "/dev/disk/by-uuid/b340000f-2927-414d-9382-edd3120b8e80"; + fsType = "ext4"; + }; + + fileSystems."/boot" = + { device = "/dev/disk/by-uuid/16C0-5FB0"; + fsType = "vfat"; + options = [ "fmask=0077" "dmask=0077" ]; + }; + + swapDevices = + [ { device = "/dev/disk/by-uuid/76cc3afa-b57e-4f25-95f4-7b15bf1fb796"; } + ]; + + # Enables DHCP on each ethernet and wireless interface. In case of scripted networking + # (the default) this is the recommended approach. When using systemd-networkd it's + # still possible to use this option, but it's recommended to use it in conjunction + # with explicit per-interface declarations with `networking.interfaces..useDHCP`. + networking.useDHCP = lib.mkDefault true; + # networking.interfaces.enp0s1.useDHCP = lib.mkDefault true; + + nixpkgs.hostPlatform = lib.mkDefault "aarch64-linux"; +}